static function isAuthenticated($app)
{
$post = $app->request->post();
if (!v::key('apiKey', v::stringType())->validate($post) || !v::key('apiToken', v::stringType())->validate($post)) {
return array('authenticated' => false, 'msg' => 'Unauthenticated: Invalid request. Check your parameters and try again.');
}
$user = AuthData::selectUserByIdentifierToken($post['apiKey']);
if (!$user) {
// Validate existing user
return array('authenticated' => false, 'msg' => 'Unauthenticated: No User');
} else {
if (!password_verify($post['apiToken'], $user->apiToken)) {
// Validate Password
return array('authenticated' => false, 'msg' => 'Unauthenticated: Invalid Cookie');
}
}
// Go now. Be free little brother.
if (isset($user->apiKey)) {
unset($user->apiKey);
}
if (isset($user->apiToken)) {
unset($user->apiToken);
}
return array('authenticated' => true, 'user' => $user);
}
private static function authorizeApiToken($app)
{
if (!v::key('apiKey', v::stringType())->validate($app->request->post()) || !v::key('apiToken', v::stringType())->validate($app->request->post())) {
return false;
}
$user = AuthData::selectUserByIdentifierToken($app->request->post('apiKey'));
if (!$user) {
return "user";
}
if (!password_verify($app->request->post('apiToken'), $user->apiToken)) {
return "password";
}
// Go now. Be free little brother.
return $user->id;
}
